package com.octopus.optiworks.controller;

import org.apache.shiro.authz.annotation.RequiresPermissions;
import com.octopus.optiworks.model.EmployeeRole;
import com.octopus.optiworks.model.Employee;
import com.octopus.optiworks.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.Assert;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

@Controller
@RequestMapping("/role")
public class RoleController {

	private RoleValidator roleValidator = new RoleValidator();

	@Autowired
    private UserService userService;

    @RequestMapping("/manage.o")
    @RequiresPermissions("role:manage")
    public void manage(Model model) {
    	Employee user =  this.userService.getCurrentUser();
    	model.addAttribute("currentUser", user);
        model.addAttribute("roles", userService.getAllRoles());
    }

    @RequestMapping(value="/edit.o",method= RequestMethod.GET)
    @RequiresPermissions("role:edit")
    public String showEditRoleForm(Model model, @RequestParam Long roleId, @ModelAttribute EmployeeRole role) {
    	Employee user =  this.userService.getCurrentUser();
    	model.addAttribute("currentUser", user);
    	model.addAttribute("action", "Edit");
        EmployeeRole r = userService.getRole(roleId);
        role.setId(roleId);
        role.setName(r.getName());
        role.setDescription(r.getDescription());
        role.setPermissions(r.getPermissions());
        return "role/edit";
    }

    @RequestMapping(value="/edit.o",method= RequestMethod.POST)
    @RequiresPermissions("role:edit")
    public String editRole(Model model, @RequestParam Long roleId, @ModelAttribute EmployeeRole role, BindingResult errors) {
    	roleValidator.validate(role, errors );
        if( errors.hasErrors() ) {
        	model.addAttribute("action", "Edit");
            return "role/edit";
        }
        role.setId(roleId);
        try{
        	userService.updateRole(role);
        }catch (org.springframework.jdbc.UncategorizedSQLException e){
        	e.printStackTrace();
        	errors.rejectValue( "name", "error.name.exist", "The name has already existed." );
        	model.addAttribute("action", "Edit");
            return "role/edit";
        }
        return "redirect:/role/manage.o";
    }

    @RequestMapping("/delete.o")
    @RequiresPermissions("role:delete")
    public String deleteRole(@RequestParam Long roleId) {
    	Assert.isTrue( roleId != 1, "Cannot delete user role" );
        Assert.isTrue( roleId != 2, "Cannot delete admin role" );
        userService.deleteRole( roleId );
        return "redirect:/role/manage.o";
    }
    
    @RequestMapping(value="/create.o",method= RequestMethod.GET)
    public String showCreateRoleForm(Model model, @ModelAttribute EmployeeRole role) {
    	Employee user =  this.userService.getCurrentUser();
    	model.addAttribute("currentUser", user);
    	model.addAttribute("action", "Create");
        return "role/edit";
    }

    @RequestMapping(value="/create.o",method= RequestMethod.POST)
    public String createRole(Model model, @ModelAttribute EmployeeRole role, BindingResult errors) {
    	roleValidator.validate(role, errors );
        if( errors.hasErrors() ) {
        	model.addAttribute("action", "Create");
            return "role/edit";
        }
        try{
        	userService.createRole(role);
        }catch (org.springframework.dao.DataIntegrityViolationException e){
        	e.printStackTrace();
        	errors.rejectValue( "name", "error.name.exist", "The name has already existed." );
        	model.addAttribute("action", "Create");
        	return "role/edit";
        }
        return "redirect:/role/manage.o";
    }

}
